cld/protected/controller/fee/fee_controller.php

<?php
/*
 * @description: 费用管理控制类
 * @Author: CP
 * @Date: 2020-11-11 17:51:05
 * @FilePath: \cld\protected\controller\fee\fee_controller.php
 */
class fee_controller extends DooController {
	
	public $staff;
	
	public function beforeRun($resource, $action) {
		
		$this->accessAuth($resource, $action);
	}
	
	function __construct() {
		
		if (isset ( $_COOKIE ["staff"] )) {
				
			if (! empty ( $_COOKIE ["staff"] )) {
		
				Doo::loadModel ( 'staff' );
				Doo::loadModel ( 'verify' );
				$verify = new verify ();
				$staff = new staff ();
				Doo::loadModel ( "execute" );
				$execute = new execute ();
		
				$verifyList = $verify->find ( array (
						'select' => 'staff',
						'asArray' => true
				) );
				$list = array ();
		
				// 判断角色的审批权限
				foreach ( $verifyList as $key => $value ) {
					$ver = json_decode ( $value ['staff'] );
						
					foreach ( $ver as $k => $v ) {
						if ($v [1] == 'ROLE') {
							$roleList = json_decode ( $v [3] );
							foreach ( $roleList as $t => $g ) {
								$gList = explode ( "_", $g );
								array_push ( $list, $gList [0] );
								// print_r($list);
							}
						} else
							array_push ( $list, $v [0] );
					}
				}
		
				// 判断执行人的审批权限
				$executeList = $execute->find ( array (
						'where'=>'mold !="日常收支"',
						'select' => 'staff',
						'asArray' => true
				) );
				$list2 = array ();
				foreach ( $executeList as $key => $value ) {
					$ver = json_decode ( $value ['staff'] );
						
					foreach ( $ver as $k => $v ) {
						array_push ( $list2, $v [0] );
					}
				}
		
				$eidList = file_get_contents ( "protected/config/execute/execute.ini" );
				$eidList = array_filter ( explode ( ",", $eidList ) );
		
				$this->executeId = array_merge ( $list2, $eidList );
				//print_r($this->executeId);
				$this->verifyId = $list;
				//$this->staff = $staff->getUserByIdList ( $_COOKIE ["staff"] );
		
				// 检测用户信息完成
				$this->data ['isStaffCompleteMsg'] = false;
				$detail = $staff->checkStaffInfoIsComplete ( $_COOKIE ["staff"] );
				if (! empty ( $detail ))
					$this->data ['isStaffCompleteMsg'] = true;
		
					return "/";
			}
		}
		
		Doo::loadCore ( 'uri/DooUriRouter' );
		$router = new DooUriRouter ();
		$routeRs = $router->execute ( Doo::app ()->route, Doo::conf ()->SUBFOLDER );
		
		if ($routeRs ['1'] != "login") {
			header ( 'Content-Type:text/html;charset=utf-8' );
			@header ( "Location: /login" );
		}
	}
	
	//构建申请报销单页面
	public function GetViewReceiptCreate(){
		
		$data ['memu'] = "receipt";
		$this->render ( "/fee/create/receipt",$data );
	}
	
	// 访问权限-费用管理
	private function accessAuth($resource, $action){
		Doo::loadClass ( 'XDeode' );
		$XDeode = new XDeode ( 5 );
		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
		// 1.单独判断公司汇总的访问权限
		if ($action == 'companyCategoryCollect') {
			Doo::loadModel ( "receiptAuthorityManage" );
			$invoiceCompanyManage = new receiptAuthorityManage ();
				
			$icm = $invoiceCompanyManage->getInvoiceCMByStaff ( $sid );
			if (empty ( $icm ))
				die ( 'illegal request-无权访问该页面' );
		}
		
		//2.获得登陆用户信息
		Doo::loadModel ( 'cld/staff_cld' );
		$staff = new staff_cld ();
		$this->staff = $staff->Get($sid);
		
		//3.是否有权限访问
		$accessModular = 'RECEIPTS';
		if (empty ( $this->staff ['cldAccessArray'] )){
			die ( 'illegal request-无权访问费用页面，向总部申请权限' );
		}else {
				if (in_array ( $accessModular, $this->staff ['cldAccessArray'] )) {
					if (Doo::acl ()->isAllowed ( $accessModular, $resource, $action )) {
						$flag = true;
					} else {
						$flag = false;
					}
				} else {
					die ( 'illegal request-无权访问费用页面' );
				}
			}
			if (! $flag)
				die ( 'illegal request-无权访问费用页面' );
	}
	
	private function session(){
		
	}
	
}

?>